Vulnerability & Exploit Database

Displaying entries 1 - 10 of 20 in total

Results for: CVE-2009-0023 Back to search

SUSE Linux Security Advisory: SUSE-SR:2009:013 Vulnerability

  • Severity: 10
  • Published: August 10, 2009

Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.

Sun Patch: SunOS 5.10_x86: Apache 2 Patch Vulnerability

  • Severity: 10
  • Published: August 06, 2009

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecifi...

Sun Patch: SunOS 5.10: Apache 2 Patch Vulnerability

  • Severity: 10
  • Published: August 06, 2009

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecifi...

RHSA-2010:0602: Red Hat Certificate System 7.3 security update Vulnerability

  • Severity: 10
  • Published: August 06, 2009

Updated packages that fix multiple security issues and rebase various components are now available for Red Hat Certificate System 7.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available fo...

USN-787-1: Apache vulnerabilities Vulnerability

  • Severity: 8
  • Published: June 07, 2009

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstr...

USN-786-1: apr-util vulnerabilities Vulnerability

  • Severity: 8
  • Published: June 07, 2009

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstr...

SUSE Linux Security Vulnerability: CVE-2009-0023 Vulnerability

  • Severity: 4
  • Published: June 07, 2009

The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the ...

RHSA-2009:1160: httpd22 security update Vulnerability

  • Severity: 8
  • Published: June 07, 2009

Updated httpd22 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server. The httpd22 packages shipped with...

RHSA-2009:1108: httpd security update Vulnerability

  • Severity: 8
  • Published: June 07, 2009

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains an embe...

RHSA-2009:1107: apr-util security update Vulnerability

  • Severity: 8
  • Published: June 07, 2009

apr-util is a utility library used with the Apache Portable Runtime (APR).It aims to provide a free library of C data structures and routines. Thislibrary contains additional utility interfaces for APR; including supportfor XML, LDAP, database interfaces, URI parsing, and more.An off-by-one overflow flaw was found in the way apr-util pro...